adobe — acrobat_reader |
Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.20096 (and earlier), 20.004.30015 (and earlier), and 17.011.30202 (and earlier) is affected by a use-after-free vulnerability in the processing of the GetURL function on a global object window that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-10-15 |
not yet calculated |
CVE-2021-40728
MISC |
adobe — acrobat_reader |
Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.20096 (and earlier), 20.004.30015 (and earlier), and 17.011.30202 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file. |
2021-10-15 |
not yet calculated |
CVE-2021-40729
MISC |
adobe — acrobat_reader
|
Acrobat Reader for Android versions 21.8.0 (and earlier) are affected by a path traversal vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-10-15 |
not yet calculated |
CVE-2021-40724
MISC |
adobe — acrobat_reader
|
Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.20096 (and earlier), 20.004.30015 (and earlier), and 17.011.30202 (and earlier) is affected by an out-of-bounds write vulnerability when parsing a crafted JPEG2000 file, which could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-10-15 |
not yet calculated |
CVE-2021-40731
MISC |
adobe — acrobat_reader
|
Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.20096 (and earlier), 20.004.30015 (and earlier), and 17.011.30202 (and earlier) is affected by a use-after-free that allows a remote attacker to disclose sensitive information on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPG2000 images. |
2021-10-15 |
not yet calculated |
CVE-2021-40730
MISC |
adobe — commerce
|
Adobe Commerce versions 2.4.2-p2 (and earlier), 2.4.3 (and earlier) and 2.3.7p1 (and earlier) are affected by a cross-site request forgery (CSRF) vulnerability via a Wishlist Share Link. Successful exploitation could lead to unauthorized addition to customer cart by an unauthenticated attacker. Access to the admin console is not required for successful exploitation. |
2021-10-15 |
not yet calculated |
CVE-2021-39864
MISC |
adobe — connect
|
Adobe Connect version 11.2.2 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser. |
2021-10-15 |
not yet calculated |
CVE-2021-40721
MISC |
advantech — webaccess
|
An authenticated user using Advantech WebAccess SCADA in versions 9.0.3 and prior can use API functions to disclose project names and paths from other users. |
2021-10-15 |
not yet calculated |
CVE-2021-38431
MISC |
anker_eufy — homebase_2 |
A use-after-free vulnerability exists in the pushMuxer CreatePushThread functionality of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted set of network packets can lead to remote code execution. |
2021-10-12 |
not yet calculated |
CVE-2021-21941
MISC |
anker_eufy — homebase_2
|
A heap-based buffer overflow vulnerability exists in the pushMuxer processRtspInfo functionality of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted network packet can lead to a heap buffer overflow. An attacker can send a malicious packet to trigger this vulnerability. |
2021-10-12 |
not yet calculated |
CVE-2021-21940
MISC |
anuko — time_tracker
|
Anuko Time Tracker is an open source, web-based time tracking application written in PHP. When a logged-on user selects a date in Time Tracker, it is passed on via the date parameter in the URI. Because this parameter was not sanity-checked in versions prior to 1.19.30.5600, it was possible to craft a URI containing malicious JavaScript, use social engineering to convince a logged-on user to click the link, and have the attacker-supplied JavaScript executed in the user’s browser. This issue is patched in version 1.19.30.5600. As a workaround, one may introduce the `ttValidDbDateFormatDate` function as in the latest version and add a call to it within the access checks block in time.php. |
2021-10-13 |
not yet calculated |
CVE-2021-41139
CONFIRM
MISC
MISC |
anydesk — anydesk
|
AnyDesk before 6.2.6 and 6.3.x before 6.3.3 allows a local user to obtain administrator privileges by using the Open Chat Log feature to launch a privileged Notepad process that can launch other applications. |
2021-10-14 |
not yet calculated |
CVE-2021-40854
MISC |
apache — couchdb
|
In Apache CouchDB, a malicious user with permission to create documents in a database is able to attach an HTML attachment to a document. If a CouchDB admin opens that attachment in a browser, e.g. via the CouchDB admin interface Fauxton, any JavaScript code embedded in that HTML attachment will be executed within the security context of that admin. A similar route is available with the already deprecated _show and _list functionality. This privilege escalation vulnerability allows an attacker to add or remove data in any database or make configuration changes. This issue affected Apache CouchDB prior to 3.1.2. |
2021-10-14 |
not yet calculated |
CVE-2021-38295
MISC |
apache — openoffice |
It is possible for an attacker to manipulate documents to appear to be signed by a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25635 for the LibreOffice advisory. |
2021-10-11 |
not yet calculated |
CVE-2021-41832
CONFIRM
MLIST |
apache — openoffice
|
It is possible for an attacker to manipulate signed documents and macros to appear to come from a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25633 for the LibreOffice advisory. |
2021-10-11 |
not yet calculated |
CVE-2021-41830
CONFIRM
MLIST |
apache — openoffice
|
It is possible for an attacker to manipulate the timestamp of signed documents. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25634 for the LibreOffice advisory. |
2021-10-11 |
not yet calculated |
CVE-2021-41831
CONFIRM
MLIST |
apache — tomcat
|
The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. The object introduced to collect metrics for HTTP upgrade connections was not released for WebSocket connections once the connection was closed. This created a memory leak that, over time, could lead to a denial of service via an OutOfMemoryError. |
2021-10-14 |
not yet calculated |
CVE-2021-42340
MISC |
apache — traffic_control_traffic_ops
|
An authenticated Apache Traffic Control Traffic Ops user with Portal-level privileges can send a request with a specially-crafted email subject to the /deliveryservices/request Traffic Ops endpoint to send an email, from the Traffic Ops server, with an arbitrary body to an arbitrary email address. Apache Traffic Control 5.1.x users should upgrade to 5.1.3 or 6.0.0. 4.1.x users should upgrade to 5.1.3. |
2021-10-12 |
not yet calculated |
CVE-2021-42009
MISC
MISC
MLIST
MLIST
MLIST |
api/notify — api/notify
|
An XML External Entity (XXE) vulnerability was discovered in /api/notify.php in S-CMS 3.0 which allows attackers to read arbitrary files. |
2021-10-14 |
not yet calculated |
CVE-2020-19954
MISC |
aruba — clearpass_policy_manager |
A remote directory traversal vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2; ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1; ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability. |
2021-10-15 |
not yet calculated |
CVE-2021-40988
MISC |
aruba — clearpass_policy_manager |
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2; ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1; ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability. |
2021-10-15 |
not yet calculated |
CVE-2021-40998
MISC |
aruba — clearpass_policy_manager |
A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2; ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1; ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability. |
2021-10-15 |
not yet calculated |
CVE-2021-40990
MISC |
aruba — clearpass_policy_manager |
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2; ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1; ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability. |
2021-10-15 |
not yet calculated |
CVE-2021-40994
MISC |
aruba — clearpass_policy_manager |
A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2; ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1; ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability. |
2021-10-15 |
not yet calculated |
CVE-2021-40996
MISC |
aruba — clearpass_policy_manager
|
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2; ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1; ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability. |
2021-10-15 |
not yet calculated |
CVE-2021-40999
MISC |
aruba — clearpass_policy_manager
|
A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2; ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1; ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability. |
2021-10-15 |
not yet calculated |
CVE-2021-40991
MISC |
aruba — clearpass_policy_manager
|
A remote SQL injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2; ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1; ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability. |
2021-10-15 |
not yet calculated |
CVE-2021-40993
MISC |
aruba — clearpass_policy_manager
|
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2; ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1; ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability. |
2021-10-15 |
not yet calculated |
CVE-2021-40986
MISC |
aruba — clearpass_policy_manager
|
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2; ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1; ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability. |
2021-10-15 |
not yet calculated |
CVE-2021-40987
MISC |
aruba — clearpass_policy_manager
|
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2; ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1; ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability. |
2021-10-15 |
not yet calculated |
CVE-2021-40995
MISC |
aruba — clearpass_policy_manager
|
A local escalation of privilege vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2; ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1; ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability. |
2021-10-15 |
not yet calculated |
CVE-2021-40989
MISC |
aruba — clearpass_policy_manager
|
A remote SQL injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2; ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1; ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability. |
2021-10-15 |
not yet calculated |
CVE-2021-40992
MISC |
aruba — clearpass_policy_manager
|
A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2; ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1; ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability. |
2021-10-15 |
not yet calculated |
CVE-2021-40997
MISC |
bookstack — bookstack
|
bookstack is vulnerable to Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) |
2021-10-15 |
not yet calculated |
CVE-2021-3874
MISC
CONFIRM |
brandy_basic — v_interpreter
|
A buffer overflow vulnerability exists in Brandy Basic V Interpreter 1.21 in the run_interpreter function. |
2021-10-11 |
not yet calculated |
CVE-2020-27372
MISC |
check_smart — check_smart
|
check_smart before 6.9.1 allows unintended drive access by an unprivileged user because it only checks for a substring match of a device path (the /dev/bus substring and a number), aka an unanchored regular expression. |
2021-10-11 |
not yet calculated |
CVE-2021-42257
MISC
MISC
MISC
MLIST |
cmsuno — cmsuno
|
CMSUno version 1.7.2 is affected by a PHP code execution vulnerability. The sauvePass action in the {webroot}/uno/central.php file calls the file_put_contents() function to write the username to the password.php file when a user successfully changes their password. An attacker can inject malicious PHP code into password.php and then use the login function to execute it. |
2021-10-11 |
not yet calculated |
CVE-2021-40889
MISC |
corenlp — corenlp
|
corenlp is vulnerable to Improper Restriction of XML External Entity Reference |
2021-10-15 |
not yet calculated |
CVE-2021-3878
CONFIRM
MISC |
cybozu — remote_service |
Cross-site script inclusion vulnerability in the management screen of Cybozu Remote Service 3.1.8 allows a remote authenticated attacker to obtain the information stored in the product. This issue occurs only when using Mozilla Firefox. |
2021-10-13 |
not yet calculated |
CVE-2021-20797
MISC
MISC |
cybozu — remote_service |
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. |
2021-10-13 |
not yet calculated |
CVE-2021-20799
MISC
MISC |
cybozu — remote_service |
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. |
2021-10-13 |
not yet calculated |
CVE-2021-20800
MISC
MISC |
cybozu — remote_service |
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.0.0 to 3.1.9 allows a remote attacker to inject an arbitrary script via unspecified vectors. |
2021-10-13 |
not yet calculated |
CVE-2021-20807
MISC
MISC |
cybozu — remote_service
|
Open redirect vulnerability in Cybozu Remote Service 3.0.0 to 3.1.9 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. |
2021-10-13 |
not yet calculated |
CVE-2021-20806
MISC
MISC |
cybozu — remote_service
|
Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to cause a denial of service (DoS) condition via unspecified vectors. |
2021-10-13 |
not yet calculated |
CVE-2021-20804
MISC
MISC |
cybozu — remote_service
|
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.7 to 3.1.9 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. |
2021-10-13 |
not yet calculated |
CVE-2021-20805
MISC
MISC |
cybozu — remote_service
|
Operation restriction bypass in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to alter the data of the management screen. |
2021-10-13 |
not yet calculated |
CVE-2021-20803
MISC
MISC |
cybozu — remote_service
|
HTTP header injection vulnerability in Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote attacker to alter the information stored in the product. |
2021-10-13 |
not yet calculated |
CVE-2021-20802
MISC
MISC |
cybozu — remote_service
|
Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to conduct XML External Entity (XXE) attacks and obtain the information stored in the product via unspecified vectors. This issue occurs only when using Mozilla Firefox. |
2021-10-13 |
not yet calculated |
CVE-2021-20801
MISC
MISC |
cybozu — remote_service
|
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. |
2021-10-13 |
not yet calculated |
CVE-2021-20798
MISC
MISC |
cybozu — remote_service
|
Directory traversal vulnerability in the management screen of Cybozu Remote Service 3.1.8 allows a remote authenticated attacker to upload an arbitrary file via unspecified vectors. |
2021-10-13 |
not yet calculated |
CVE-2021-20796
MISC
MISC |
cybozu — remote_service
|
Cross-site request forgery (CSRF) vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote attacker to hijack the authentication of administrators and unintended operations may be performed via unspecified vectors. |
2021-10-13 |
not yet calculated |
CVE-2021-20795
MISC
MISC |
deno — deno
|
Deno before 0.107.0 allows Code Injection via an untrusted YAML file in certain configurations. |
2021-10-11 |
not yet calculated |
CVE-2021-42139
MISC
MISC
MISC |
django — unicorn
|
The Unicorn framework before 0.36.1 for Django allows XSS via a component. NOTE: this issue exists because of an incomplete fix for CVE-2021-42053. |
2021-10-11 |
not yet calculated |
CVE-2021-42134
MISC
MISC |
draytek — vigorconnect |
An arbitrary file upload and directory traversal vulnerability exists in the file upload functionality of DownloadFileServlet in Draytek VigorConnect 1.6.0-B3. An unauthenticated attacker could leverage this vulnerability to upload files to any location on the target operating system with root privileges. |
2021-10-13 |
not yet calculated |
CVE-2021-20125
MISC |
draytek — vigorconnect |
An information disclosure vulnerability exists in Draytek VigorConnect 1.6.0-B3, allowing an unauthenticated attacker to export system logs. |
2021-10-13 |
not yet calculated |
CVE-2021-20129
MISC |
draytek — vigorconnect |
An arbitrary file deletion vulnerability exists in the file delete functionality of the Html5Servlet endpoint of Draytek VigorConnect 1.6.0-B3. This allows an authenticated user to arbitrarily delete files in any location on the target operating system with root privileges. |
2021-10-13 |
not yet calculated |
CVE-2021-20127
MISC |
draytek — vigorconnect
|
A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the DownloadFileServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges. |
2021-10-13 |
not yet calculated |
CVE-2021-20123
MISC |
draytek — vigorconnect
|
A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the WebServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges. |
2021-10-13 |
not yet calculated |
CVE-2021-20124
MISC |
draytek — vigorconnect
|
Draytek VigorConnect 1.6.0-B3 lacks cross-site request forgery protections and does not sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request. |
2021-10-13 |
not yet calculated |
CVE-2021-20126
MISC |
draytek — vigorconnect
|
The Profile Name field in the floor plan (Network Menu) page in Draytek VigorConnect 1.6.0-B3 was found to be vulnerable to stored XSS, as user input is not properly sanitized. |
2021-10-13 |
not yet calculated |
CVE-2021-20128
MISC |
dzzoffice — dzzoffice
|
Dzzoffice version 2.02.1 is affected by cross-site scripting (XSS) due to a lack of sanitization of input data in all upload functions in webroot/dzz/attach/Uploader.class.php and an incorrect content-type returned for output data in webroot/dzz/attach/controller.php. |
2021-10-11 |
not yet calculated |
CVE-2021-40191
MISC |
dzzoffice — dzzoffice
|
A stored cross-site scripting (XSS) vulnerability exists in DzzOffice 2.02.1 via the settingnew parameter. |
2021-10-12 |
not yet calculated |
CVE-2021-40292
MISC |
easytest — easytest |
Easytest contains SQL injection vulnerabilities. After obtaining a user’s privileges, remote attackers can inject SQL commands into the parameters of the learning history page to access the entire database and obtain administrator permissions. |
2021-10-15 |
not yet calculated |
CVE-2021-42333
CONFIRM |
easytest — easytest |
The bulletin board management function of the Easytest online learning platform does not filter special characters. After obtaining a user’s privileges, remote attackers can inject JavaScript and execute a stored XSS attack. |
2021-10-15 |
not yet calculated |
CVE-2021-42335
CONFIRM |
easytest — easytest
|
The learning history page of Easytest is vulnerable to permission bypass. After obtaining a user’s permissions, remote attackers can access other users’ and the administrator’s account information, except the password, by crafting URL parameters. |
2021-10-15 |
not yet calculated |
CVE-2021-42336
CONFIRM |
easytest — easytest
|
Easytest contains SQL injection vulnerabilities. After obtaining a user’s privileges, remote attackers can inject SQL commands into the parameters of the elective course management page to obtain the entire database and administrator permissions. |
2021-10-15 |
not yet calculated |
CVE-2021-42334
CONFIRM |
electron — electron
|
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. A vulnerability in versions prior to 11.5.0, 12.1.0, and 13.3.0 allows a sandboxed renderer to request a “thumbnail” image of an arbitrary file on the user’s system. The thumbnail can potentially include significant parts of the original file, including textual data in many cases. Versions 15.0.0-alpha.10, 14.0.0, 13.3.0, 12.1.0, and 11.5.0 all contain a fix for the vulnerability. Two workarounds aside from upgrading are available. One may make the vulnerability significantly more difficult for an attacker to exploit by enabling `contextIsolation` in one’s app. One may also disable the functionality of the `createThumbnailFromPath` API if one does not need it. |
2021-10-12 |
not yet calculated |
CVE-2021-39184
MISC
CONFIRM |
ericsson — network_manager
|
** UNSUPPORTED WHEN ASSIGNED ** In OSS-RC systems of release 18B and older, certain files containing usernames and passwords are left undeleted in the system during data migration procedures, but in folders accessible only by top-privileged accounts. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Ericsson Network Manager is a new generation OSS system which OSS-RC customers shall upgrade to. |
2021-10-14 |
not yet calculated |
CVE-2021-32571
MISC |
ericsson — network_manager
|
** UNSUPPORTED WHEN ASSIGNED ** In OSS-RC systems of release 18B and older, the customer documentation browsing libraries under ALEX are subject to Cross-Site Scripting. This problem is completely resolved in the new Ericsson library browsing tool ELEX used in systems like Ericsson Network Manager. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Ericsson Network Manager is a new generation OSS system which OSS-RC customers shall upgrade to. |
2021-10-14 |
not yet calculated |
CVE-2021-32569
MISC |
exacqvision — server
|
Under certain configurations an unauthenticated remote user could be given access to credentials stored in the exacqVision Server. |
2021-10-11 |
not yet calculated |
CVE-2021-27664
CERT
CONFIRM |
fatek — automation_communication_server
|
FATEK Automation Communication Server versions 1.13 and prior lack proper validation of user-supplied data, which could result in a stack-based buffer overflow condition and allow an attacker to remotely execute code. |
2021-10-15 |
not yet calculated |
CVE-2021-38432
MISC |
frontier — frontier
|
Frontier is Substrate’s Ethereum compatibility layer. In the newly introduced signed Frontier-specific extrinsic for `pallet-ethereum`, a large part of the transaction validation logic was only called in transaction pool validation, but not in block execution. Malicious validators can take advantage of this to put invalid transactions into a block. The attack is limited in that the signature is always validated, and the majority of the validation is done again in the subsequent `pallet-evm` execution logic. However, note that a chain ID replay attack was possible. In addition, spamming attacks are the main concern, although they are limited by Substrate block size limits and other factors. The issue is patched in commit `146bb48849e5393004be5c88beefe76fdf009aba`. |
2021-10-13 |
not yet calculated |
CVE-2021-41138
MISC
MISC
CONFIRM |
froxlor — froxlor
|
Froxlor through 0.10.29.1 allows SQL injection in Database/Manager/DbManagerMySQL.php via a custom DB name. |
2021-10-12 |
not yet calculated |
CVE-2021-42325
MISC |
gajim — gajim
|
Gajim 1.2.x and 1.3.x before 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted XMPP Last Message Correction (XEP-0308) message in multi-user chat, where the message ID equals the correction ID. |
2021-10-11 |
not yet calculated |
CVE-2021-41055
MISC
MISC |
getclientlp — getclientlp
|
A stored cross-site scripting (XSS) vulnerability in the getClientIp function in /lib/tinwin.class.php of Chaoji CMS 2.39, allows attackers to execute arbitrary web scripts. |
2021-10-14 |
not yet calculated |
CVE-2020-19962
MISC |
gitlab — gitlab
|
An issue has been discovered in GitLab affecting all versions starting from 13.0 before 14.0.9, all versions starting from 14.1 before 14.1.4, all versions starting from 14.2 before 14.2.2. A user account with ‘external’ status which is granted ‘Maintainer’ role on any project on the GitLab instance where ‘project tokens’ are allowed may elevate its privilege to ‘Internal’ and access Internal projects. |
2021-10-11 |
not yet calculated |
CVE-2021-22263
MISC
MISC
CONFIRM |
goahead — goahead
|
An issue was discovered in GoAhead 4.x and 5.x before 5.1.5. In the file upload filter, user form variables can be passed to CGI scripts without being prefixed with the CGI prefix. This permits tunneling untrusted environment variables into vulnerable CGI scripts. |
2021-10-14 |
not yet calculated |
CVE-2021-42342
MISC |
google — android
|
In onCreate of BluetoothPairingDialog, there is a possible way to enable Bluetooth without user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9, Android-10. Android ID: A-182282956 |
2021-10-11 |
not yet calculated |
CVE-2021-0583
MISC |
gpac — gpac
|
An issue was discovered in gpac 0.8.0. The gf_media_nalu_remove_emulation_bytes function in av_parsers.c has a heap-based buffer overflow which can lead to a denial of service (DoS) via a crafted input. |
2021-10-12 |
not yet calculated |
CVE-2020-22678
MISC |
gpac — gpac
|
An issue was discovered in gpac 0.8.0. An invalid memory dereference exists in the function FixTrackID located in isom_intern.c, which allows attackers to cause a denial of service (DoS) via a crafted input. |
2021-10-12 |
not yet calculated |
CVE-2020-22674
MISC |
gpac — gpac
|
An issue was discovered in gpac 0.8.0. The GetGhostNum function in stbl_read.c has a heap-based buffer overflow which can lead to a denial of service (DoS) via a crafted input. |
2021-10-12 |
not yet calculated |
CVE-2020-22675
MISC |
gpac — gpac
|
Memory leak in the senc_Parse function in MP4Box in gpac 0.8.0 allows attackers to cause a denial of service (DoS) via a crafted input. |
2021-10-12 |
not yet calculated |
CVE-2020-22673
MISC |
gpac — gpac
|
An issue was discovered in gpac 0.8.0. The dump_data_hex function in box_dump.c has a heap-based buffer overflow which can lead to a denial of service (DoS) via a crafted input. |
2021-10-12 |
not yet calculated |
CVE-2020-22677
MISC |
gpac — gpac
|
Memory leak in the sgpd_parse_entry function in MP4Box in gpac 0.8.0 allows attackers to cause a denial of service (DoS) via a crafted input. |
2021-10-12 |
not yet calculated |
CVE-2020-22679
MISC |
hashicorp — vault
|
HashiCorp Vault and Vault Enterprise 1.8.x through 1.8.4 may have an unexpected interaction between glob-related policies and the Google Cloud secrets engine. Users may, in some situations, have more privileges than intended, e.g., a user with read permission for the /gcp/roleset/* path may be able to issue Google Cloud service account credentials. |
2021-10-11 |
not yet calculated |
CVE-2021-42135
MISC |
hero — ct060
|
There is an improper authentication vulnerability in Hero-CT060 before 1.0.0.200. The vulnerability exists because, when a user wants to perform a certain operation, the software does not sufficiently validate the user’s identity. Successful exploitation could allow the attacker to perform certain operations that the user is not supposed to perform. |
2021-10-11 |
not yet calculated |
CVE-2021-37123
MISC |
hewlett_packard_enterprises — aruba_instant |
A remote buffer overflow vulnerability was discovered in HPE Aruba Instant (IAP) version(s): Aruba Instant 8.7.x.x: 8.7.0.0 through 8.7.1.2. Aruba has released patches for Aruba Instant (IAP) that address this security vulnerability. |
2021-10-12 |
not yet calculated |
CVE-2021-37726
MISC |
hewlett_packard_enterprises — aruba_instant |
A remote arbitrary command execution vulnerability was discovered in HPE Aruba Instant (IAP) version(s): 6.4.x.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x.x: 6.5.4.20 and below; Aruba Instant 8.5.x.x: 8.5.0.12 and below; Aruba Instant 8.6.x.x: 8.6.0.11 and below; Aruba Instant 8.7.x.x: 8.7.1.3 and below. Aruba has released patches for Aruba Instant (IAP) that address this security vulnerability. |
2021-10-12 |
not yet calculated |
CVE-2021-37727
MISC |
hewlett_packard_enterprises — aruba_instant |
A remote SQL injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2; ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1; ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability. |
2021-10-15 |
not yet calculated |
CVE-2021-37737
MISC |
hewlett_packard_enterprises — aruba_instant |
A remote denial of service vulnerability was discovered in Aruba Instant version(s): Aruba Instant 6.5.x.x: 6.5.4.18 and below; Aruba Instant 8.5.x.x: 8.5.0.10 and below; Aruba Instant 8.6.x.x: 8.6.0.4 and below. Aruba has released patches for Aruba Instant (IAP) that address this security vulnerability. |
2021-10-12 |
not yet calculated |
CVE-2021-37735
MISC |
hewlett_packard_enterprises — aruba_instant |
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2; ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1; ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability. |
2021-10-15 |
not yet calculated |
CVE-2021-37739
MISC |
hewlett_packard_enterprises — aruba_instant |
A remote arbitrary command execution vulnerability was discovered in HPE Aruba Instant (IAP) version(s): Aruba Instant 6.4.x.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x.x: 6.5.4.18 and below; Aruba Instant 8.5.x.x: 8.5.0.11 and below; Aruba Instant 8.6.x.x: 8.6.0.6 and below; Aruba Instant 8.7.x.x: 8.7.1.0 and below. Aruba has released patches for Aruba Instant (IAP) that address this security vulnerability. |
2021-10-12 |
not yet calculated |
CVE-2021-37732
MISC |
hewlett_packard_enterprises — aruba_instant |
A remote arbitrary command execution vulnerability was discovered in HPE Aruba Instant (IAP) version(s): Aruba Instant 6.4.x.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x.x: 6.5.4.20 and below; Aruba Instant 8.5.x.x: 8.5.0.12 and below; Aruba Instant 8.6.x.x: 8.6.0.11 and below; Aruba Instant 8.7.x.x: 8.7.1.3 and below. Aruba has released patches for Aruba Instant (IAP) that address this security vulnerability. |
2021-10-12 |
not yet calculated |
CVE-2021-37730
MISC |
hewlett_packard_enterprises — aruba_instant
|
A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2; ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1; ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability. |
2021-10-15 |
not yet calculated |
CVE-2021-37736
MISC |
hewlett_packard_enterprises — aruba_instant
|
A remote unauthorized read access to files vulnerability was discovered in Aruba Instant version(s): 6.4.x.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x.x: 6.5.4.19 and below; Aruba Instant 8.5.x.x: 8.5.0.12 and below; Aruba Instant 8.6.x.x: 8.6.0.11 and below; Aruba Instant 8.7.x.x: 8.7.1.3 and below; Aruba Instant 8.8.x.x: 8.8.0.0 and below. Aruba has released patches for Aruba Instant (IAP) that address this security vulnerability. |
2021-10-12 |
not yet calculated |
CVE-2021-37734
MISC |
hewlett_packard_enterprises — aruba_instant
|
A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2; ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1; ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability. |
2021-10-15 |
not yet calculated |
CVE-2021-37738
MISC |
hewlett_packard_enterprises — primera_storage
|
A potential security vulnerability has been identified in HPE 3PAR StoreServ, HPE Primera Storage and HPE Alletra 9000 Storage array firmware. An unauthenticated user could remotely exploit the low complexity issue to execute code as administrator. This vulnerability completely impacts the confidentiality, integrity, and availability of the array. HPE has made the following software updates and mitigation information available to resolve the vulnerability in 3PAR, Primera and Alletra 9000 firmware. |
2021-10-11 |
not yet calculated |
CVE-2021-26588
MISC |
hitachi — jp1/it_desktop_manager2_agent |
Hitachi JP1/IT Desktop Management 2 Agent 9 through 12 calls the SendMessageTimeoutW API with arbitrary arguments via a local pipe, leading to a local privilege escalation vulnerability. An attacker who exploits this issue could execute arbitrary code on the local system. |
2021-10-12 |
not yet calculated |
CVE-2021-29645
MISC |
hitachi — jp1/it_desktop_manager2_agent
|
Hitachi JP1/IT Desktop Management 2 Agent 9 through 12 contains a remote code execution vulnerability because of an Integer Overflow. An attacker with network access to port 31016 may exploit this issue to execute code with unrestricted privileges on the underlying OS. |
2021-10-12 |
not yet calculated |
CVE-2021-29644
MISC |
huntflow — enterprise
|
An LDAP injection vulnerability in /account/login in Huntflow Enterprise before 3.10.6 could allow an unauthenticated, remote user to modify the logic of an LDAP query and bypass authentication. The vulnerability is due to insufficient server-side validation of the email parameter before using it to construct LDAP queries. An attacker could bypass authentication exploiting this vulnerability by sending login attempts in which there is a valid password but a wildcard character in email parameter. |
2021-10-14 |
not yet calculated |
CVE-2021-37933
MISC |
ibm — cognos_analytics
|
IBM Cognos Analytics 11.1.7 and 11.2.0 could allow an authenticated user to execute code remotely due to incorrectly neutralizing user-controlled input that could be interpreted as a server-side include (SSI) directive. IBM X-Force ID: 199915. |
2021-10-15 |
not yet calculated |
CVE-2021-29679
CONFIRM
XF |
ibm — cognos_analytics
|
IBM Cognos Analytics 11.1.7 and 11.2.0 contains locally cached browser data, that could allow a local attacker to obtain sensitive information. |
2021-10-15 |
not yet calculated |
CVE-2020-4951
CONFIRM
XF |
ibm — cognos_analytics
|
IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to privilege escalation where a lower level user could have access to the ‘New Job’ page to which they should not have access. IBM X-Force ID: 201695. |
2021-10-15 |
not yet calculated |
CVE-2021-29745
XF
CONFIRM |
ibm — data_risk_manager
|
IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 207980. |
2021-10-12 |
not yet calculated |
CVE-2021-38862
XF
CONFIRM |
ibm — data_risk_manager
|
IBM Data Risk Manager 2.0.6 stores user credentials in plain clear text which can be read by an authenticated user. IBM X-Force ID: 209947. |
2021-10-12 |
not yet calculated |
CVE-2021-38915
CONFIRM
XF |
ifsc — code_finder_project
|
SQL Injection vulnerability exists in IFSC Code Finder Project 1.0 via the searchifsccode POST parameter in /search.php. |
2021-10-13 |
not yet calculated |
CVE-2021-42224
MISC
MISC
MISC |
imagicle — application_suite
|
Imagicle Application Suite (for Cisco UC) before 2021.Summer.2 allows SQL injection. A low-privileged user could inject a SQL statement through the “Export to CSV” feature of the Contact Manager web GUI. |
2021-10-14 |
not yet calculated |
CVE-2021-42369
MISC
MISC |
inbody — inbody
|
InBody App for iOS versions prior to 2.3.30 and InBody App for Android versions prior to 2.2.90(510) contain a vulnerability which may lead to information disclosure only when it works with the body composition analyzer InBody Dial. An attacker who can connect to the InBody Dial with InBody App may obtain a victim’s measurement result measured by InBody Dial. |
2021-10-13 |
not yet calculated |
CVE-2021-20832
MISC
MISC |
keypair — keypair
|
keypair is an RSA PEM key generator written in JavaScript. keypair implements a lot of cryptographic primitives on its own or by borrowing from other libraries where possible, including node-forge. An issue was discovered where this library was generating identical RSA keys used in SSH. This would mean that the library is generating identical P, Q (and thus N) values which, in practical terms, is impossible with RSA-2048 keys. Generating identical values repeatedly usually indicates an issue with poor random number generation or poor handling of CSPRNG output. Issue 1: Poor random number generation (`GHSL-2021-1012`). The library does not rely entirely on a platform-provided CSPRNG; rather, it uses its own counter-based CMAC approach. Where things go wrong is seeding the CMAC implementation with “true” random data in the function `defaultSeedFile`. In order to seed the AES-CMAC generator, the library will take two different approaches depending on the JavaScript execution environment. In a browser, the library will use [`window.crypto.getRandomValues()`](https://github.com/juliangruber/keypair/blob/87c62f255baa12c1ec4f98a91600f82af80be6db/index.js#L971). However, in a Node.js execution environment, the `window` object is not defined, so it goes down a much less secure path, which also has a bug in it. It does look like the library tries to use Node’s CSPRNG when possible. Unfortunately, it looks like the `crypto` object is null because a variable was declared with the same name and set to `null`, so the Node CSPRNG path is never taken. However, when `window.crypto.getRandomValues()` is not available, a Lehmer LCG random number generator is used to seed the CMAC counter, and the LCG is seeded with `Math.random`. While this is poor and would likely qualify as a security bug in itself, it does not explain the extreme frequency with which duplicate keys occur. The main flaw: The output from the Lehmer LCG is encoded incorrectly.
The specific [line](https://github.com/juliangruber/keypair/blob/87c62f255baa12c1ec4f98a91600f82af80be6db/index.js#L1008) with the flaw is: `b.putByte(String.fromCharCode(next & 0xFF))`. The [definition](https://github.com/juliangruber/keypair/blob/87c62f255baa12c1ec4f98a91600f82af80be6db/index.js#L350-L352) of `putByte` is `util.ByteBuffer.prototype.putByte = function(b) {this.data += String.fromCharCode(b);};`. Simplified, this is `String.fromCharCode(String.fromCharCode(next & 0xFF))`. The double `String.fromCharCode` is almost certainly unintentional and the source of weak seeding. Unfortunately, this does not result in an error. Rather, it results in most of the buffer containing zeros. Since we are masking with 0xFF, we can determine that 97% of the output from the LCG is converted to zeros. The only outputs that result in meaningful values are outputs 48 through 57, inclusive. The impact is that each byte in the RNG seed has a 97% chance of being 0 due to incorrect conversion. When it is not, the bytes are 0 through 9. In summary, there are three immediate concerns: 1. The library has an insecure random number fallback path. Ideally the library would require a strong CSPRNG instead of attempting to use an LCG and `Math.random`. 2. The library does not correctly use a strong random number generator when run in Node.js, even though a strong CSPRNG is available. 3. The fallback path has an issue in the implementation where a majority of the seed data is going to effectively be zero. Due to the poor random number generation, keypair generates RSA keys that are relatively easy to guess. This could enable an attacker to decrypt confidential messages or gain authorized access to an account belonging to the victim. |
2021-10-11 |
not yet calculated |
CVE-2021-41117
CONFIRM
MISC |
kindeditor — kindeditor
|
Cross Site Scripting (XSS) vulnerability exists in KindEditor 4.1.x via a Google search inurl:/examples/uploadbutton.html and then the .html file on the website that uses this editor (the file suffix is allowed). |
2021-10-14 |
not yet calculated |
CVE-2021-42227
MISC |
kindeditor — kindeditor
|
A Cross Site Request Forgery (CSRF) vulnerability exists in KindEditor 4.1.x, as demonstrated by examples/uploadbutton.html. |
2021-10-14 |
not yet calculated |
CVE-2021-42228
MISC |
kubernetes — java_client
|
Loading specially-crafted yaml with the Kubernetes Java Client library can lead to code execution. |
2021-10-11 |
not yet calculated |
CVE-2021-25738
MISC
MISC |
ledgersmb — ledgersmb
|
LedgerSMB does not set the ‘Secure’ attribute on the session authorization cookie when the client uses HTTPS and the LedgerSMB server is behind a reverse proxy. By tricking a user into using an unencrypted connection (HTTP), an attacker may be able to obtain the authentication data by capturing network traffic. LedgerSMB 1.8 and newer switched from Basic authentication to using cookie authentication with encrypted cookies. Although an attacker can’t access the information inside the cookie, nor the password of the user, possession of the cookie is enough to access the application as the user from which the cookie has been obtained. In order for the attacker to obtain the cookie, first of all the server must be configured to respond to unencrypted requests, the attacker must be suitably positioned to eavesdrop on the network traffic between the client and the server *and* the user must be tricked into using unencrypted HTTP traffic. Proper audit control and separation of duties limit the Integrity impact of the attack vector. Users of LedgerSMB 1.8 are urged to upgrade to known-fixed versions. Users of LedgerSMB 1.7 or 1.9 are unaffected by this vulnerability and don’t need to take action. As a workaround, users may configure their Apache or Nginx reverse proxy to add the Secure attribute at the network boundary instead of relying on LedgerSMB. For Apache, please refer to the ‘Header always edit’ configuration command in the mod_headers module. For Nginx, please refer to the ‘proxy_cookie_flags’ configuration command. |
2021-10-14 |
not yet calculated |
CVE-2021-3882
CONFIRM
MISC
MISC |
libmobi — libmobi
|
libmobi is vulnerable to Out-of-bounds Read |
2021-10-15 |
not yet calculated |
CVE-2021-3881
MISC
CONFIRM |
libreoffice — libreoffice
|
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to modify a digitally signed ODF document to insert an additional signing time timestamp which LibreOffice would incorrectly present as a valid signature signed at the bogus signing time. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2. |
2021-10-12 |
not yet calculated |
CVE-2021-25634
MISC
DEBIAN |
libreoffice — libreoffice
|
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to combine multiple certificate data, which when opened caused LibreOffice to display a validly signed indicator but whose content was unrelated to the signature shown. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2. |
2021-10-11 |
not yet calculated |
CVE-2021-25633
MISC
DEBIAN |
linux — linux_kernel
|
An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspeed LPC control interface could overwrite memory in the kernel and potentially execute privileges, aka CID-b49a0e69a7b1. This occurs because a certain comparison uses values that are not memory sizes. |
2021-10-11 |
not yet calculated |
CVE-2021-42252
MISC
MISC |
manageengine — admanager_plus_build
|
ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the PasswordExpiry interface. |
2021-10-13 |
not yet calculated |
CVE-2021-20130
MISC |
manageengine — admanager_plus_build
|
ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the Personalization interface. |
2021-10-13 |
not yet calculated |
CVE-2021-20131
MISC |
mediawiki — mediawiki
|
The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. When a user is blocked after submitting a replace job, the job is still run, even if it may be run at a later time (due to the job queue backlog). |
2021-10-11 |
not yet calculated |
CVE-2021-41801
CONFIRM
MISC |
mediawiki — mediawiki
|
MediaWiki before 1.36.2 allows a denial of service (resource consumption because of lengthy query processing time). Visiting Special:Contributions can sometimes result in a long running SQL query because PoolCounter protection is mishandled. |
2021-10-11 |
not yet calculated |
CVE-2021-41800
MISC
MISC
CONFIRM
FEDORA
FEDORA |
mediawiki — mediawiki
|
MediaWiki before 1.36.2 allows a denial of service (resource consumption because of lengthy query processing time). ApiQueryBacklinks (action=query&list=backlinks) can cause a full table scan. |
2021-10-11 |
not yet calculated |
CVE-2021-41799
CONFIRM
MISC
FEDORA
FEDORA |
melsec — iq-r_series_safety_cpu
|
Authorization bypass through user-controlled key vulnerability in MELSEC iQ-R series Safety CPU R08/16/32/120SFCPU all versions and MELSEC iQ-R series SIL2 Process CPU R08/16/32/120PSFCPU all versions allows a remote unauthenticated attacker to log in to a target CPU module by obtaining credentials other than password. |
2021-10-14 |
not yet calculated |
CVE-2021-20599
MISC
MISC |
mercury_router — pptp_server |
A remote command execution vulnerability exists in add_server_service of PPTP_SERVER in Mercury Router MER1200 v1.0.1 and Mercury Router MER1200G v1.0.1. |
2021-10-14 |
not yet calculated |
CVE-2020-22724
MISC |
microsoft — dynamics_365 |
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-41354
MISC |
microsoft — dynamics_365
|
Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-41353
MISC |
microsoft — dynamics_365
|
Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-40457
MISC |
microsoft — excel
|
Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-40471, CVE-2021-40473, CVE-2021-40474, CVE-2021-40485. |
2021-10-13 |
not yet calculated |
CVE-2021-40479
MISC |
microsoft — excel
|
Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-40473, CVE-2021-40474, CVE-2021-40479, CVE-2021-40485. |
2021-10-13 |
not yet calculated |
CVE-2021-40471
MISC |
microsoft — excel
|
Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-40471, CVE-2021-40473, CVE-2021-40474, CVE-2021-40479. |
2021-10-13 |
not yet calculated |
CVE-2021-40485
MISC |
microsoft — excel
|
Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-40471, CVE-2021-40474, CVE-2021-40479, CVE-2021-40485. |
2021-10-13 |
not yet calculated |
CVE-2021-40473
MISC |
microsoft — excel
|
Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-40471, CVE-2021-40473, CVE-2021-40479, CVE-2021-40485. |
2021-10-13 |
not yet calculated |
CVE-2021-40474
MISC |
microsoft — excel
|
Microsoft Excel Information Disclosure Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-40472
MISC |
microsoft — exchange_server |
Microsoft Exchange Server Denial of Service Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-34453
MISC |
microsoft — exchange_server
|
Microsoft Exchange Server Spoofing Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-41350
MISC |
microsoft — exchange_server
|
Microsoft Exchange Server Elevation of Privilege Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-41348
MISC |
microsoft — exchange_server
|
Microsoft Exchange Server Remote Code Execution Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-26427
MISC |
microsoft — microsoft
|
Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26441, CVE-2021-40478, CVE-2021-40488, CVE-2021-41345. |
2021-10-13 |
not yet calculated |
CVE-2021-40489
MISC
MISC |
microsoft — microsoft
|
Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26441, CVE-2021-40478, CVE-2021-40489, CVE-2021-41345. |
2021-10-13 |
not yet calculated |
CVE-2021-40488
MISC
MISC |
microsoft — office |
Microsoft Office Visio Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-40480. |
2021-10-13 |
not yet calculated |
CVE-2021-40481
MISC
MISC |
microsoft — office
|
Microsoft Office Visio Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-40481. |
2021-10-13 |
not yet calculated |
CVE-2021-40480
MISC
MISC |
microsoft — sharepoint
|
Microsoft SharePoint Server Information Disclosure Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-40482
MISC |
microsoft — sharepoint
|
Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-40483. |
2021-10-13 |
not yet calculated |
CVE-2021-40484
MISC |
microsoft — sharepoint
|
Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-41344. |
2021-10-13 |
not yet calculated |
CVE-2021-40487
MISC |
microsoft — sharepoint
|
Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-40484. |
2021-10-13 |
not yet calculated |
CVE-2021-40483
MISC |
microsoft — sharepoint
|
Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-40487. |
2021-10-13 |
not yet calculated |
CVE-2021-41344
MISC |
microsoft — win32k
|
Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40449, CVE-2021-40450. |
2021-10-13 |
not yet calculated |
CVE-2021-41357
MISC |
microsoft — windows |
Windows AD FS Security Feature Bypass Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-40456
MISC |
microsoft — windows |
Windows Installer Spoofing Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-40455
MISC |
microsoft — windows |
Rich Text Edit Control Information Disclosure Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-40454
MISC |
microsoft — windows |
Windows Hyper-V Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-38672. |
2021-10-13 |
not yet calculated |
CVE-2021-40461
MISC |
microsoft — windows |
Windows Nearby Sharing Elevation of Privilege Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-40464
MISC |
microsoft — windows |
Windows AppContainer Elevation Of Privilege Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-40476
MISC |
microsoft — windows |
Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40443, CVE-2021-40467. |
2021-10-13 |
not yet calculated |
CVE-2021-40466
MISC |
microsoft — windows |
Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-40460
MISC |
microsoft — windows |
Windows Print Spooler Information Disclosure Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-41332
MISC |
microsoft — windows |
Windows Fast FAT File System Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-38662. |
2021-10-13 |
not yet calculated |
CVE-2021-41343
MISC |
microsoft — windows |
SCOM Information Disclosure Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-41352
MISC |
microsoft — windows |
Windows Kernel Elevation of Privilege Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-41335
MISC |
microsoft — windows |
Windows Media Audio Decoder Remote Code Execution Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-41331
MISC |
microsoft — windows |
Windows AppX Deployment Service Elevation of Privilege Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-41347
MISC
MISC |
microsoft — windows
|
Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40466, CVE-2021-40467. |
2021-10-13 |
not yet calculated |
CVE-2021-40443
MISC |
microsoft — windows
|
Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40450, CVE-2021-41357. |
2021-10-13 |
not yet calculated |
CVE-2021-40449
MISC |
microsoft — windows
|
Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40449, CVE-2021-41357. |
2021-10-13 |
not yet calculated |
CVE-2021-40450
MISC |
microsoft — windows
|
Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26441, CVE-2021-40478, CVE-2021-40488, CVE-2021-40489. |
2021-10-13 |
not yet calculated |
CVE-2021-41345
MISC
MISC |
microsoft — windows
|
Console Window Host Security Feature Bypass Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-41346
MISC |
microsoft — windows
|
Windows Hyper-V Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-40461. |
2021-10-13 |
not yet calculated |
CVE-2021-38672
MISC |
microsoft — windows
|
Windows MSHTML Platform Remote Code Execution Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-41342
MISC |
microsoft — windows
|
Windows HTTP.sys Elevation of Privilege Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-26442
MISC |
microsoft — windows
|
Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Execution Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-40462
MISC |
microsoft — windows
|
Windows NAT Denial of Service Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-40463
MISC |
microsoft — windows
|
Active Directory Federation Server Spoofing Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-41361
MISC |
microsoft — windows
|
Windows Text Shaping Remote Code Execution Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-40465
MISC |
microsoft — windows
|
Intune Management Extension Security Feature Bypass Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-41363
MISC |
microsoft — windows
|
Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40443, CVE-2021-40466. |
2021-10-13 |
not yet calculated |
CVE-2021-40467
MISC |
microsoft — windows
|
.NET Core and Visual Studio Information Disclosure Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-41355
MISC |
microsoft — windows
|
DirectX Graphics Kernel Elevation of Privilege Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-40470
MISC |
microsoft — windows
|
Windows exFAT File System Information Disclosure Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-38663
MISC |
microsoft — windows
|
Windows Desktop Bridge Elevation of Privilege Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-41334
MISC |
microsoft — windows
|
Windows Fast FAT File System Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-41343. |
2021-10-13 |
not yet calculated |
CVE-2021-38662
MISC |
microsoft — windows
|
Windows Print Spooler Spoofing Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-36970
MISC |
microsoft — windows
|
Windows TCP/IP Denial of Service Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-36953
MISC |
microsoft — windows
|
Microsoft Windows Media Foundation Remote Code Execution Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-41330
MISC |
microsoft — windows
|
Windows DNS Server Remote Code Execution Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-40469
MISC |
microsoft — windows
|
Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26441, CVE-2021-40488, CVE-2021-40489, CVE-2021-41345. |
2021-10-13 |
not yet calculated |
CVE-2021-40478
MISC
MISC |
microsoft — windows
|
Windows Event Tracing Elevation of Privilege Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-40477
MISC |
microsoft — windows
|
Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-40475
MISC |
microsoft — windows
|
Windows Kernel Information Disclosure Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-41336
MISC |
microsoft — windows
|
Active Directory Security Feature Bypass Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-41337
MISC |
microsoft — windows
|
Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-41338
MISC |
microsoft — windows
|
Microsoft DWM Core Library Elevation of Privilege Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-41339
MISC |
microsoft — windows
|
Windows Graphics Component Remote Code Execution Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-41340
MISC |
microsoft — windows
|
Windows Bind Filter Driver Information Disclosure Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-40468
MISC |
microsoft — word
|
Microsoft Word Remote Code Execution Vulnerability |
2021-10-13 |
not yet calculated |
CVE-2021-40486
MISC
MISC |
miniftpd — miniftpd
|
A Buffer Overflow vulnerability exists in the latest version of Miniftpd in the do_retr function in ftpproto.c |
2021-10-11 |
not yet calculated |
CVE-2021-40239
MISC |
minio — minio
|
Minio is a Kubernetes native application for cloud storage. All users on release `RELEASE.2021-10-10T16-53-30Z` are affected by a vulnerability that involves bypassing policy restrictions on regular users. Normally, checkKeyValid() should return owner true for rootCreds. In the affected version, policy restriction did not work properly for users who did not have service (svc) or security token service (STS) accounts. This issue is fixed in `RELEASE.2021-10-13T00-23-17Z`. A downgrade back to release `RELEASE.2021-10-08T23-58-24Z` is available as a workaround. |
2021-10-13 |
not yet calculated |
CVE-2021-41137
CONFIRM
MISC
MISC
MISC |
mitsubishi_electric — smartrtu_devices
|
Mitsubishi Electric SmartRTU devices allow remote attackers to obtain sensitive information (directory listing and source code) via a direct request to the /web URI. |
2021-10-15 |
not yet calculated |
CVE-2018-16060
MISC |
mitsubishi_electric — smartrtu_devices
|
Mitsubishi Electric SmartRTU devices allow XSS via the username parameter or PATH_INFO to login.php. |
2021-10-15 |
not yet calculated |
CVE-2018-16061
MISC |
moxa — mxview_network_management_software
|
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries. |
2021-10-12 |
not yet calculated |
CVE-2021-38456
MISC |
moxa — mxview_network_management_software
|
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries. |
2021-10-12 |
not yet calculated |
CVE-2021-38460
MISC |
moxa — mxview_network_management_software
|
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries. |
2021-10-12 |
not yet calculated |
CVE-2021-38452
MISC |
moxa — mxview_network_management_software
|
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries. |
2021-10-12 |
not yet calculated |
CVE-2021-38454
MISC |
moxa — mxview_network_management_software
|
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries. |
2021-10-12 |
not yet calculated |
CVE-2021-38458
MISC |
mozilla — firefox
|
A redirect vulnerability in the `fastify-static` module version >= 4.2.4 and < 4.4.1 allows remote attackers to redirect Mozilla Firefox users to arbitrary websites via a double slash `//` followed by a domain: `http://localhost:3000//a//youtube.com/%2e%2e%2f%2e%2e`. A DoS vulnerability is possible if the URL contains invalid characters: `curl --path-as-is "http://localhost:3000//^/.."`. The issue shows up on all the `fastify-static` applications that set the `redirect: true` option. By default, it is `false`. |
2021-10-14 |
not yet calculated |
CVE-2021-22964
MISC |
mozilla — firefox
|
A redirect vulnerability in the `fastify-static` module version < 4.2.4 allows remote attackers to redirect users to arbitrary websites via a double slash `//` followed by a domain: `http://localhost:3000//google.com/%2e%2e`. The issue shows up on all the `fastify-static` applications that set the `redirect: true` option. By default, it is `false`. |
2021-10-14 |
not yet calculated |
CVE-2021-22963
MISC |
nagios — xi |
The general user interface in Nagios XI versions prior to 5.8.4 is vulnerable to authenticated reflected cross-site scripting. An authenticated victim, who accesses a specially crafted malicious URL, would unknowingly execute the attached payload. |
2021-10-14 |
not yet calculated |
CVE-2021-33179
MISC |
nagios — xi
|
The Manage Backgrounds functionality within Nagvis versions prior to 2.0.9 is vulnerable to an authenticated path traversal vulnerability. Exploitation of this results in a malicious actor having the ability to arbitrarily delete files on the local system. |
2021-10-14 |
not yet calculated |
CVE-2021-33178
MISC |
nagios — xi
|
The Bulk Modifications functionality in Nagios XI versions prior to 5.8.5 is vulnerable to SQL injection. Exploitation requires the malicious actor to be authenticated to the vulnerable system, but once authenticated they would be able to execute arbitrary SQL queries. |
2021-10-14 |
not yet calculated |
CVE-2021-33177
MISC |
netapp — cloud_manager
|
NetApp Cloud Manager versions prior to 3.9.10 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to retrieve sensitive data via the web proxy. |
2021-10-11 |
not yet calculated |
CVE-2021-27002
MISC |
nike — app
|
Improper authorization in handler for custom URL scheme vulnerability in Nike App for Android versions prior to 2.177 and Nike App for iOS versions prior to 2.177.1 allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App. |
2021-10-13 |
not yet calculated |
CVE-2021-20834
MISC
MISC
MISC |
og_tags — og_tags
|
Cross-site request forgery (CSRF) vulnerability in OG Tags versions prior to 2.0.2 allows a remote attacker to hijack the authentication of administrators and unintended operation may be performed via unspecified vectors. |
2021-10-13 |
not yet calculated |
CVE-2021-20831
MISC
MISC |
omero — omero
|
OMERO.web provides a web based client and plugin infrastructure. In versions prior to 5.11.0, a variety of templates do not perform proper sanitization through HTML escaping. Due to the lack of sanitization and use of `jQuery.html()`, there are a whole host of cross-site scripting possibilities with specially crafted input to a variety of fields. This issue is patched in version 5.11.0. There are no known workarounds aside from upgrading. |
2021-10-14 |
not yet calculated |
CVE-2021-41132
CONFIRM
MISC
MISC |
online_dj_booking_management_system — online_dj_booking_management_system |
A Cross Site Scripting (XSS) vulnerability exists in Online DJ Booking Management System 1.0 in view-booking-detail.php. |
2021-10-13 |
not yet calculated |
CVE-2021-42223
MISC |
ontap — ontap
|
Clustered Data ONTAP versions prior to 9.5P18, 9.6P15, 9.7P14, 9.8P5 and 9.9.1 are missing an X-Frame-Options header which could allow a clickjacking attack. |
2021-10-12 |
not yet calculated |
CVE-2021-27003
MISC |
openrc — checkpath
|
checkpath in OpenRC before 0.44.7 uses the direct output of strlen() to allocate strings, which does not account for the ‘ |